Security expert Mark Burnett asks his readers, "Are your web applications really secure?" This unique book walks readers through the many threats to their web application code. For every defined threat, the book provides a menu of solutions and coding considerations. It then offers coding examples and a set of security policies for each of the corresponding threats.
Chris Williams, President of Syngress Publishing, said, "'Hacking the Code' focuses on auditing existing code as well writing new code. It is the first book for programmers that really provides specific coding examples on how to integrate secure code with existing .NET security services."
Chapter topics include: Managing Users, Authenticating and Authorizing Users, Managing Sessions, Encrypting Private Data, Filtering Input, Accessing Data, Building ASP.NET Applications, and Securing XML.
PRICE: $49.95 U.S.
PAGE COUNT: 480 PP
About the Authors
Mark Burnett (Microsoft MVP) is an independent security consultant, freelance writer, and a specialist in securing Windows-based IIS Web servers. Mark is co-author of "Maximum Windows Security" and is a contributor to Dr. Tom Shinder's "ISA Server and Beyond: Real World Security Solutions for Microsoft Enterprise Networks" (Syngress Publishing, ISBN: 1-931836-66-3). He is a contributor and technical editor for Syngress Publishing's "Special Ops: Host and Network Security for Microsoft, UNIX, and Oracle" (ISBN: 1-931836-69-8). Mark speaks at various security conferences and has published articles in "Windows & .NET," "Information Security," "Windows Web Solutions," "Security Administrator," and is a regular contributor at SecurityFocus.com. Mark also publishes articles on his own web site, IISSecurity.info.
James C. Foster (Technical Editor) is the Deputy Director, Global Security Development for Computer Sciences Corporation where he is leading the task of developing and delivering managed, educational, informational, consulting, and outsourcing security services. Prior to joining CSC, Foster was the Director of Research and Development for Foundstone Inc. and was responsible for all aspects of product and corporate R&D including corporate strategy and international market expansion. He is commonly asked to comment on pertinent security issues and has been cited in "USA Today," "Information Security Magazine," "Baseline," "Computer World," "Secure Computing," and the "MIT Technologist." James has co-authored or contributed to "Snort 2.0 Intrusion Detection" (Syngress, ISBN: 1-931836-74-4), and "Special Ops Host and Network Security for Microsoft, Unix, and Oracle" (Syngress, ISBN: 1-931836-69-8). James has attended Yale, Harvard, and the University of Maryland and has an AS, BS, MBA and is currently a Fellow at the University of Pennsylvania's Wharton School of Business.
Syngress Publishing (www.syngress.com), headquartered in Rockland, Massachusetts, is an independent publisher of print and electronic reference materials for Information Technology professionals seeking skill enhancement and career advancement. Distributed throughout Europe, Asia, and the U.S. and Canada, Syngress titles have been translated into twenty languages. The company's pioneering customer support program, firstname.lastname@example.org, extends the value of every Syngress title with regular information updates and customer-driven author forums. For more information on Syngress products, contact Amy Pedersen at 781-681-5151 or email email@example.com. Syngress books are distributed in the United States and Canada by O'Reilly Media, Inc.